Examples with NAEKey com.ingrian.security.nae.NAEKey used on opensource projects

Example 21 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class BulkOperationSample method main.

public static void main(String[] args) {
    if (args.length != 4) {
        System.out.println("Usage: java BulkOperationSample <username>" + " <password>" + " <keyname> <datafile>");
        System.exit(-1);
    }
    String userName = args[0];
    String password = args[1];
    String keyName = args[2];
    String fileName = args[3];
    NAESession session = null;
    try {
        // Getting session and key
        session = NAESession.getSession(userName, password.toCharArray());
        NAEKey key = NAEKey.getSecretKey(keyName, session);
        // Getting instance for the bulk operation. Should be called
        // whenever bulk operation needs to be performed.
        AbstractNAECipher encryptCipher = NAECipher.getInstanceForBulkData("AES/GCM/NoPadding", "IngrianProvider");
        // read the contents from the file and write into the arrays
        readContentsFromFileAndWriteToArrays(fileName);
        // initializing the cipher for encrypt operation
        encryptCipher.init(Cipher.ENCRYPT_MODE, key, spec[0]);
        // Map to store exceptions while encryption
        Map<Integer, String> encryptedErrorMap = new HashMap<Integer, String>();
        // performing bulk operation
        byte[][] encryptedData = encryptCipher.doFinalBulk(data, spec, encryptedErrorMap);
        // displaying the encrypted data
        displayData(encryptedData, "Encrypted data");
        // cipher instance for decryption
        AbstractNAECipher decryptCipher = NAECipher.getInstanceForBulkData("AES/GCM/NoPadding", "IngrianProvider");
        // initializing the cipher for decrypt operation
        decryptCipher.init(Cipher.DECRYPT_MODE, key, spec[0]);
        // Map to store exceptions while decryption
        Map<Integer, String> decryptedErrorMap = new HashMap<Integer, String>();
        // performing bulk operation
        byte[][] decryptedData = decryptCipher.doFinalBulk(encryptedData, spec, decryptedErrorMap);
        // displaying the decrypted data
        displayData(decryptedData, "Decrypted Data ");
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        // releasing session
        if (session != null) {
            session.closeSession();
        }
    }
}

Example 22 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class CachingSample method oneShotEncrypt.

public void oneShotEncrypt(NAESession session, String keyname, String algorithm, String plainText, String ivStr) {
    Cipher encryptCipher = null;
    Cipher decryptCipher = null;
    try {
        NAEKey pkey = NAEKey.getSecretKey(keyname, session);
        encryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
        if (ivStr == null) {
            encryptCipher.init(Cipher.ENCRYPT_MODE, pkey);
            byte[] outbuf = encryptCipher.doFinal(plainText.getBytes());
            decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
            decryptCipher.init(Cipher.DECRYPT_MODE, pkey);
            byte[] newbuf = decryptCipher.doFinal(outbuf);
            System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
        } else {
            byte[] iv = ivStr.getBytes();
            IvParameterSpec ivSpec = new IvParameterSpec(iv);
            encryptCipher.init(Cipher.ENCRYPT_MODE, pkey, ivSpec);
            byte[] outbuf = encryptCipher.doFinal(plainText.getBytes());
            decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
            decryptCipher.init(Cipher.DECRYPT_MODE, pkey, ivSpec);
            byte[] newbuf = decryptCipher.doFinal(outbuf);
            System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
        }
    } catch (Exception e) {
        e.printStackTrace();
        System.out.println("Exception = " + e);
    }
}

Example 23 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPDatesAndStatesSample method main.

public static void main(String[] args) throws Exception {
    String keyName = null;
    int keyLength = 256;
    if (args.length != 3) {
        usage();
    }
    keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create KMIP Session - specify client X.509 certificate and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // create key custom attributes
        NAEKey key = null;
        deleteIfExists(keyName, session, key);
        /* create a secret key using JCE key generator */
        NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) null, session);
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
        kg.init(spec);
        SecretKey secretKey = kg.generateKey();
        System.out.println("Created new key " + ((NAEKey) secretKey).getName());
        /* cast to NAEKey and list the default attribute names */
        Set<String> defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
        key = ((NAEKey) secretKey);
        KMIPAttributes getState = new KMIPAttributes();
        getState.add(KMIPAttribute.State);
        getState.add(KMIPAttribute.ActivationDate);
        getState.add(KMIPAttribute.InitialDate);
        getState.add(KMIPAttribute.DeactivationDate);
        KMIPAttributes gotState = key.getKMIPAttributes(getState);
        System.out.println("State = " + gotState.getState());
        System.out.println("InitialDate  = " + sdf.format(gotState.getDate(KMIPAttribute.InitialDate).getTime()));
        System.out.println("ActivationDate  = " + ((gotState.getDate(KMIPAttribute.ActivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
        key = ((NAEKey) secretKey);
        System.out.println("Activating:");
        key.activate();
        gotState = key.getKMIPAttributes(getState);
        defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
        System.out.println("State = " + gotState.getState());
        System.out.println("ActivationDate  = " + ((gotState.getDate(KMIPAttribute.ActivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
        // now deactivate it
        Calendar c = Calendar.getInstance();
        c.setTimeInMillis((gotState.getDate(KMIPAttribute.ActivationDate)).getTime().getTime());
        System.out.println("Deactivating as of " + sdf.format(c.getTime()));
        KMIPAttributes modDates = new KMIPAttributes();
        modDates.addDate(KMIPAttribute.DeactivationDate, c);
        key.addKMIPAttributes(modDates);
        ;
        defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
        gotState = key.getKMIPAttributes(getState);
        System.out.println("State = " + gotState.getState());
        System.out.println("Dectivation Date  = " + ((gotState.getDate(KMIPAttribute.DeactivationDate) != null) ? sdf.format(gotState.getDate(KMIPAttribute.ActivationDate).getTime()) : "null"));
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}

Example 24 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPCreateSymmetricKeySample method main.

public static void main(String[] args) throws Exception {
    String keyName = null;
    int keyLength = 256;
    if (args.length != 3) {
        usage();
    }
    keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create KMIP Session - specify client X.509 certificate and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        NAEKey key;
        try {
            /* does the key exist? if so, delete it */
            /* get..Key method is merely a placeholder for a managed object 
                * with that name. */
            key = NAEKey.getSecretKey(keyName, session);
            /* getUID() will throw an exception if the key does not exist */
            if (key.getUID() != null) {
                // exists if Unique Identifier is not null
                System.out.println("Deleting key " + keyName + " with UID=" + key.getUID());
                key.delete();
            }
        } catch (Exception notFound) {
        }
        /* create a secret key on the Key Manager using JCE key generator */
        KMIPAttributes initialAttributes = new KMIPAttributes();
        initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Encrypt.getValue() | UsageMask.Decrypt.getValue()));
        NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) initialAttributes, session);
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
        kg.init(spec);
        SecretKey secretKey = kg.generateKey();
        System.out.println("Created key " + ((NAEKey) secretKey).getName());
        /* cast to NAEKey and list the default attribute names */
        Set<String> defaultAttributes = ((NAEKey) secretKey).listKMIPAttributes();
        System.out.println(defaultAttributes);
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}

Example 25 with NAEKey

use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.

the class WrapKeySample method main.

public static void main(String[] args) {
    Security.addProvider(new IngrianProvider());
    if (args.length != 5) {
        System.err.println("Usage: java WrapKeySample user password keyToWrapName wrappingKeyName groupName");
        System.exit(-1);
    }
    String userName = args[0];
    String passWord = args[1];
    String keyToWrapName = "WrapSamplePair" + args[2];
    String wrappingKeyName = "WrapSampleKey" + args[3];
    String groupName = args[4];
    NAESession session = null;
    try {
        // Create an NAESession.
        session = NAESession.getSession(userName, passWord.toCharArray());
        NAEParameterSpec spec = new NAEParameterSpec(keyToWrapName, true, true, 256, session);
        // Delete any existing keys from this sample.
        NAEKey keyToDelete = NAEKey.getSecretKey(keyToWrapName, session);
        deleteExistingKeys(wrappingKeyName, session, keyToDelete);
        // Generate an AES key to be wrapped when exported.
        KeyGenerator generator = KeyGenerator.getInstance("AES", "IngrianProvider");
        // NAEEParameters to pass session
        generator.init(spec);
        NAEKey keyToBeWrapped = (NAEKey) generator.generateKey();
        // Create a public/private RSA key pair to do the key wrapping.
        // The AES key will be wrapped with the RSA Public Key, and
        // later unwrapped using the RSA Private Key.
        KeyPair pair = createKeyPair(session, groupName, wrappingKeyName);
        NAEPublicKey publicKey = NAEKey.getPublicKey(wrappingKeyName, session);
        NAEPrivateKey privateKey = NAEKey.getPrivateKey(wrappingKeyName, session);
        // Init a JCE Cipher in WRAP_MODE to do the key wrapping.
        Cipher cipher = Cipher.getInstance("RSA", "IngrianProvider");
        cipher.init(Cipher.WRAP_MODE, publicKey, spec);
        // Wrap and export the wrapped AES Key from the Key Manager
        // using the cipher.wrap method.
        // The key is wrapped with the Public key from the key pair
        // on the Key Manager which was generated earlier.
        byte[] wrappedKey = cipher.wrap(keyToBeWrapped);
        System.out.println("wrapped  : " + IngrianProvider.byteArray2Hex(wrappedKey));
        System.out.println("Length   : " + wrappedKey.length);
        // Unwrap the AES key using the private key of the
        // generated key pair using the SunJCE provider.
        // Export the NAEPrivate key as a JCE PrivateKey.
        PrivateKey prKey = privateKey.exportJCEKey();
        // Initialize a Cipher based on the SunJCE provider.
        // For IBM Java, change the provider from "SunJCE" to "IBMJCE"
        // Note the use of PKCS1Padding.
        Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunJCE");
        cipher2.init(Cipher.UNWRAP_MODE, prKey);
        // Unwrap the wrapped key from the bytes returned from the
        // Key Manager.
        Key unWrappedKey = cipher2.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        System.out.println("Unwrapped: " + IngrianProvider.byteArray2Hex(unWrappedKey.getEncoded()));
        System.out.println("Original : " + IngrianProvider.byteArray2Hex(keyToBeWrapped.export()));
        if (Arrays.equals(keyToBeWrapped.export(), unWrappedKey.getEncoded()))
            System.out.println("Unwrapped key bytes equal original key bytes");
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}